jmestwa-coder commented on PR #1045: URL: https://github.com/apache/poi/pull/1045#issuecomment-4208400264
Here’s what happens when the new tests are run without this change:

When `unitsPerInch = 0` is parsed, it is later used as a divisor during scaling. This results in infinite dimensions. Those values are then used when creating the `BufferedImage`, where they get converted to integers. In practice, this can turn into very large dimensions (close to `Integer.MAX_VALUE`), which may lead to excessive memory allocation attempts or runtime failures.

So without this fix:

* The parser accepts `unitsPerInch = 0`
* Scaling produces infinite dimensions
* Rendering may attempt to allocate extremely large images

With this change:

* The invalid value is rejected early at the parser boundary
* The unsafe scaling and allocation path is never reached

--
This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment.
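The arithmetic described in the comment above, as an added Java example that is not code from the PR or from Apache POI. The class and method names, the 16,384-pixel cap and the rejection of negative values are assumptions made for illustration.

```java
public class UnitsPerInchDemo {
    // Assumed upper bound on either image side; not a value taken from the PR.
    static final int MAX_SIDE_PX = 16_384;

    // Unguarded scaling as the comment describes it: the parsed value is the divisor.
    static int scaleUnguarded(int extentUnits, int unitsPerInch, double dpi) {
        // Floating-point division by zero throws nothing; it yields +/-Infinity or NaN.
        double px = Math.ceil((double) extentUnits / unitsPerInch * dpi);
        // The narrowing cast saturates: +Infinity becomes Integer.MAX_VALUE,
        // -Infinity becomes Integer.MIN_VALUE, and NaN becomes 0.
        return (int) px;
    }

    // Boundary check applied where the value is parsed. The comment describes
    // rejecting 0; also rejecting negative values is an assumption of this example.
    static int requireValidUnitsPerInch(int parsed) {
        if (parsed <= 0) {
            throw new IllegalArgumentException("unitsPerInch must be positive, got " + parsed);
        }
        return parsed;
    }

    // Second check before anything sized by file-controlled numbers is allocated.
    static int scaleChecked(int extentUnits, int unitsPerInch, double dpi) {
        double px = Math.ceil((double) extentUnits / requireValidUnitsPerInch(unitsPerInch) * dpi);
        if (!Double.isFinite(px) || px < 1 || px > MAX_SIDE_PX) {
            throw new IllegalArgumentException("scaled size out of range: " + px);
        }
        return (int) px;
    }

    public static void main(String[] args) {
        // Constructed sample extents: positive, zero and negative.
        for (int extent : new int[] {1000, 0, -1000}) {
            System.out.println("extent=" + extent + ", unitsPerInch=0 -> "
                    + scaleUnguarded(extent, 0, 96.0));
        }
        System.out.println("extent=1000, unitsPerInch=1440 -> " + scaleChecked(1000, 1440, 96.0));
        try {
            scaleChecked(1000, 0, 96.0);
        } catch (IllegalArgumentException ex) {
            System.out.println("rejected: " + ex.getMessage());
        }
    }
}
```

The unguarded result is the number that would be handed to the `BufferedImage` constructor, so the failure surfaces at allocation time rather than where the bad header value was read.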
